Security is a team game

August 1, 2017

byCath GouldingHead of Information Security

When it comes to the fast-evolving, multi-dimensional nature of the internet, security is a process and not a goal. Cyber criminals are furiously exploring new methods of infiltration and technology is developing fast. To keep pace, Nominet works continuously to maintain the safety and integrity of the country’s namespace, cognisant of our responsibility in keeping the .UK domain secure.

Security is integral to everything we do at Nominet and starts from the ground up. We have new security gates in our offices in Oxford and promote basic security protocol to all staff, embedding it in the culture of our business.

Similar fastidiousness is applied to the running Domain Name System (DNS), the beating heart of our work as a registry. We are constantly monitoring the DNS using our analytics tool, turing. We are aware of what is happening in real time across our networks so we can spot patterns and trends that could indicate criminal activity, allowing us to respond accordingly.

Keeping our internal systems secure is only half the battle, as we have many channel partners who also need to be maintaining good cyber security to keep the .UK domain ‘healthy’. We are aware that this is a challenge for some registrars, especially when running a commercial operation on limited resources, and provide support services and resources to ease the process.

One of our developments has been to introduce mandatory 2FA. Two-factor authorisation (2FA) is becoming standard across many areas of the industry and serves as an extra precaution to keep hackers from accessing accounts or stealing passwords. It literally provides a second layer of security, requiring a password consisting of a static pin and a changing token. This makes it more difficult for hackers to gain access and cause damage.

2FA is designed to complement Domain Lock, which inserts additional authentication requirements into the process of modifying a domain name and therefore helps secure these from malicious intent. We re-launched Domain Lock in July with a more efficient locking process that also includes bulk functionality to allow registrars to apply, temporarily remove or delete up to 100 locks at a time. This change makes the system more secure for users, with a supplied list of contacts able to apply or remove the lock and edit the content within.

Protecting our domain names is growing more important as research has shown a rise in criminals registering domains for malicious use rather than hacking existing systems or domains. The alarming incident of the DNS hijacking of a Brazilian bank serves as a recent reminder that DNS threats are constantly evolving.

We don’t intend these new security measures to make life difficult – rather they are working for our registrars to protect their networks and ultimately keep their customers happy. We have access to a range of threat intelligence sources which we share with registrars in a new service called Domain Health. Introduced to our members in December 2016, this free service provides registrars with insights on which of their domains might be compromised. We also offer practical solutions on managing the issue, preventing a costlier intervention if matters were to escalate.

We take pride in our ability to keep the .UK domain safe but never rest on our laurels. Security is a full-time job and we are constantly working to monitor, maintain and innovate in our security efforts. Our work has attracted the attention of the UK government and we currently help keep their Public Services Network safe with the same tools that we use in-house. Likewise we do what we can to support the government’s strategy via NCSC, working together to help maintain the country’s position as a global digital leader by putting security front and centre. Security is a team sport and one that we can all play a part in to keep the .UK domain safe.